Hacker News

un-nf yesterday at 7:40 PM, 6 replies

LinkedIn runs an extension scan against a hardcoded list of 6,278 Chrome extensions on every visit. Detected results are packaged into encrypted telemetry and injected as an HTTP header into every subsequent API request during your session. This data can be used to identify your religious affiliations, tax bracket, job search intent, and more.

I verified this myself and traced the implementation. Details and the technical breakdown in the article.


Replies

Lerc yesterday at 10:16 PM

Can you confirm that the title is correct and that it encrypts rather than hashes?

Both are concerns, but sending interpretable data is a more serious concern.

I scanned through the article and did not see an example of the header it added.

cromka today at 12:15 AM

Call me crazy but both Google and MS started doing weird things like that since about the dinner at Trump. Did you know that Google Chrome now happily asks you to store your ID/Passport information on top of all the information they offered to store for the last 10 years or so? Why now? Why this crazy "enhanced" feature? (https://blog.google/products-and-platforms/products/chrome/e...)

I am far from a conspiracy theorist but, god damn, if you take a few steps back from all the current madness and look at what's happening from a perspective, then YES, they're collecting all that data and it up to specific people and their IDs. I don't even want to guess how deep Palantir and AI chat are in this.

gedy yesterday at 9:43 PM

LinkedIn without the news/post feed would be fine

phantomathkg today at 12:04 AM

Can, but how? Have you verified all 6278 and what they do?

kyleee yesterday at 9:19 PM

And certainly fingerprint you, right?

echelon yesterday at 9:29 PM

Can someone here please create a LinkedIn replacement for developers that

1. Doesn't have the spam

2. That doesn't look like it's from 2008

3. That only developers / engineers / tech folks can join

4. Doesn't try to log into your email to steal your contact list

5. That doesn't track you or your extensions / browser fingerprint

6. That doesn't have a bunch of fake "linkedinmaxxing" garbage content

7. That doesn't have marketers and recruiters, etc.

8. ...
